CVE-2024-11150 - Arbitrary File Deletion in WordPress User Extra Fields Plugin (Up to 16.6) — Exploit Details, Code & Deep Dive
Summary:
CVE-2024-11150 is a critical vulnerability in the "User Extra Fields" WordPress plugin (versions up to and including 16.6). Due to poor
CVE-2024-10800 - Privilege Escalation in WordPress User Extra Fields Plugin – Explained
A new WordPress vulnerability—CVE-2024-10800—puts thousands of sites at immediate risk. This affects the popular User Extra Fields plugin, with over 10,000 active
CVE-2024-10828 - How Unauthenticated Attackers Can Delete Files (and More) in WooCommerce Sites with Advanced Order Export Plugin
*Posted: June 2024 | Category: WordPress Security, Zero-Day*
If you run a WooCommerce shop with the Advanced Order Export For WooCommerce plugin, this post might save
CVE-2024-10816 - Critical Directory Traversal in LUNA RADIO PLAYER WordPress Plugin Exposes Sensitive Server Files
---
In early 2024, a serious security vulnerability (CVE-2024-10816) was discovered in the LUNA RADIO PLAYER plugin for WordPress. This bug affects all versions up
CVE-2024-10820 - Critical Unauthenticated File Upload in WooCommerce Upload Files – Exploit Analysis and Prevention
On February 15, 2024, a major security flaw, CVE-2024-10820, was uncovered in the popular WooCommerce Upload Files WordPress plugin. All versions up to and including
Episode
00:00:00
00:00:00